Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated attackers to watch any Confluence page & receive notifications when comments are added to the watched page, and vote & watch JIRA issues that they do not have access to, although they will not receive notifications for the issue, via missing permission checks.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Atlassian Activity Streams 访问控制错误漏洞
Vulnerability Description
Atlassian Activity Streams是澳大利亚Atlassian公司的一套网页栏目快速添加工具。 Atlassian Activity Streams 6.3.0之前版本中的rest inline action resources存在访问控制错误漏洞。远程攻击者可利用该漏洞查看任意的Confluence页面和接收的通知。
CVSS Information
N/A
Vulnerability Type
N/A